MDT 2010 Wizard Example: Role Selection


We have seen lots of requests over the past couple of years for a wizard pane that allows you to select from a list of roles that should be applied to a machine, where those roles are defined in the MDT database.  There are a few examples of this available on the web, implemented in different ways.  I’ll throw another one into the mix, this one using an ADO.NET Data Services web service to get the needed data.  (If you didn’t read my previous posting about this setup, click here.)

<?xml version="1.0" encoding="utf-8"?>
<Wizard>
  <Global>
    <CustomStatement><![CDATA[
' ***************************************************************************
' File:	Roles.xml
' Author:	Michael Niehaus
' Version:	1.0
' Purpose:	Display a list of roles from the MDT database, retrieved
'	using an ADO.NET Data Services.web service.  One
'	or more roles can be selected.  After they have been
'	chosen, CustomSettings.ini needs to be re-processed
'	to pick up the new settings.  Ideally this would be done
'	after the wizard is complete (just in case someone 
'	navigated back to the screen after initially making
'	changes), but that requires changing LiteTouch.wsf.
'
' NOTE:	Be sure to modify the web service URL below
'
' ***************************************************************************

Function InitializeRoleList

	Dim sScript
	Dim oDataService
	Dim oRole
	Dim sRoles


	' Make sure that ZTIDataAccess.vbs is available since it isn't loaded by Wizard.hta

	sScript = oFSO.OpenTextFile(oUtility.ScriptDir & "\ZTIDataAccess.vbs", 1, false).ReadAll
	On Error Resume Next
	ExecuteGlobal sScript
	On Error Goto 0


	' Call the web service

	Set oDataService = New WebService
	oDataService.WebService = "http://localhost:62932/MDTDatabase.svc/RoleIdentity"
	oDataService.Method = "REST"

	Set oResult = oDataService.Query


	' Process the roles to populate the list of checkboxes

	sRoles = ""
	For each oRole in oResult.SelectNodes("//d:Role")
		sRoles = sRoles & "<input type=checkbox name=Roles id=Roles enabled value='" & oRole.Text & "'>" & oRole.Text & "</input><br>"
	Next


	' If no roles were found, set the div to indicate that

	If sRoles = "" then
		sRoles = "<label class=errmsg style='display: inline;' >No roles could be found."
	End if


	' Update the pane

	RoleList.InnerHTML = sRoles

End Function

Function ValidateRoleList

	' Flush the value to variables.dat, before we continue.

	SaveAllDataElements
	SaveProperties


	' Process full rules (needed to pick up the role settings, apps, etc.)

	sCmd = "wscript.exe """ & oUtility.ScriptDir & "\ZTIGather.wsf"""
	oItem = oShell.Run(sCmd, , true)

	ValidateRoleList = True

End Function
]]></CustomStatement>
  </Global>
  <Pane id="Roles">
    <Body><![CDATA[<H1>Select the roles to be assigned to this computer.</H1>
<br>
<div class=TreeList id=RoleList style="height: expression( GetDynamicListBoxSize(this) );">
<label class=errmsg style="display: inline;" >Loading roles...
<!-- List goes here -->
</div>
]]></Body>
    <Validation><![CDATA[ValidateRoleList]]></Validation>
    <Initialization><![CDATA[setTimeout GetRef("InitializeRoleList"), 0]]></Initialization>
  </Pane>
</Wizard>

While this is set up as a stand-alone wizard, you can insert this into an existing deployment wizard using the MDT Wizard Editor by following these steps:

  1. Launch the MDT Wizard Editor.
  2. Open the DeployWiz_Definition_ENU.xml file.
  3. Click on the “Global” pane.  Click “Add” on the “Settings” pane and choose to add a new “CustomStatement”.
  4. Select the new “CustomStatement” at the end of the “Settings” list.
  5. Select the VBScript code above (from the first comment line to the last End Function line) and copy it to the clipboard.
  6. Paste the copied VBScript code into the text box in the MDT Wizard Editor.  Edit the web service URL to specify your ADO.NET Data Services web service URL.
  7. Select a wizard pane (the new pane will be inserted after this one, so select appropriately).
  8. Select all the text above from “<Pane” through “</Pane>” and copy it to the clipboard.
  9. Right-click on the selected pane name in the MDT Wizard Editor and choose “Paste”.

What, your MDT Wizard Editor doesn’t have a “Paste” option?  Well, you need to download a new version from http://mdtwizardeditor.codeplex.com/, as I just added the paste capability tonight (along with other general usability improvements – I forced myself to actually use the program to create the rules wizard pane above and fixed all the behaviors I didn’t like while I was at it).

A few notes to mention:

  • Because the wizard runs after CustomSettings.ini has been processed, the role settings, applications, etc. wouldn’t be processed as the “Gather” process isn’t run again.  To work around this, I added logic above to run ZTIGather.wsf again.  This could add a delay when clicking “Next”, so you might choose to do this later (possibly by modifying LiteTouch.wsf).  The other problem with running ZTIGather.wsf from this wizard pane:  If you navigate back to this wizard pane and uncheck an item, it’s too late – the settings for that role have already been added into the task sequence environment.
  • The MDT 2010 wizard hypertext application (Wizard.hta) doesn’t load the ZTIDataAccess.vbs script needed to make web service calls from a wizard pane.  To work around this, I added logic above to dynamically load the file.  The other alternative would be to edit Wizard.hta to tell it to include the file.
  • The role list is populated asynchronously so that the wizard doesn’t appear to be hung.  This is done by the “setTimeout” initialization statement above.  Note that the “Next” (or “Finish”) button will be enabled even while this is happening, so if you don’t want to wait you can probably go ahead and click the button to move on to the next pane.
  • If you don’t have the ADO.NET Data Services web service set up and working, don’t expect this wizard pane to somehow magically fix it 🙂

Comments (11)
  1. Anonymous says:

    Hi there,

    I am trying to have this up and running on my test enviroment (Windows 2008 R2, WDS, MDT) but I am stuck on last 3 points.

    If I will past <Pane>..</Pane> in same window where the functions are I am receiving Wizard Error – Cannot have ‘]]>’ inside an XML CDATA block. Can you please advice what I am doing wrong?

    My Custom Statment looks as follows:

    ‘ ***************************************************************************

    ‘ File: Roles.xml

    ‘ Author: Michael Niehaus

    ‘ Version: 1.0

    ‘ Purpose: Display a list of roles from the MDT database, retrieved

    ‘ using an ADO.NET Data Services.web service.  One

    ‘ or more roles can be selected.  After they have been

    ‘ chosen, CustomSettings.ini needs to be re-processed

    ‘ to pick up the new settings.  Ideally this would be done

    ‘ after the wizard is complete (just in case someone

    ‘ navigated back to the screen after initially making

    ‘ changes), but that requires changing LiteTouch.wsf.

    ‘ NOTE: Be sure to modify the web service URL below

    ‘ ***************************************************************************

    Function InitializeRoleList

    Dim sScript

    Dim oDataService

    Dim oRole

    Dim sRoles

    ‘ Make sure that ZTIDataAccess.vbs is available since it isn’t loaded by Wizard.hta

    sScript = oFSO.OpenTextFile(oUtility.ScriptDir & "ZTIDataAccess.vbs", 1, false).ReadAll

    On Error Resume Next

    ExecuteGlobal sScript

    On Error Goto 0

    ‘ Call the web service

    Set oDataService = New WebService

    oDataService.WebService = "http://server_name/MDTDatabase.svc/RoleIdentity&quot;

    oDataService.Method = "REST"

    Set oResult = oDataService.Query

    ‘ Process the roles to populate the list of checkboxes

    sRoles = ""

    For each oRole in oResult.SelectNodes("//d:Role")

    sRoles = sRoles & "<input type=checkbox name=Roles id=Roles enabled value=’" & oRole.Text & "’>" & oRole.Text & "</input><br>"

    Next

    ‘ If no roles were found, set the div to indicate that

    If sRoles = "" then

    sRoles = "<label class=errmsg style=’display: inline;’ >No roles could be found."

    End if

    ‘ Update the pane

    RoleList.InnerHTML = sRoles

    End Function

    Function ValidateRoleList

    ‘ Flush the value to variables.dat, before we continue.

    SaveAllDataElements

    SaveProperties

    ‘ Process full rules (needed to pick up the role settings, apps, etc.)

    sCmd = "wscript.exe """ & oUtility.ScriptDir & "ZTIGather.wsf"""

    oItem = oShell.Run(sCmd, , true)

    ValidateRoleList = True

    End Function

    ]]></CustomStatement>

     </Global>

     <Pane id="Roles">

       <Body><![CDATA[<H1>Select the roles to be assigned to this computer.</H1>

    <br>

    <div class=TreeList id=RoleList style="height: expression( GetDynamicListBoxSize(this) );">

    <label class=errmsg style="display: inline;" >Loading roles…

    <!– List goes here –>

    </div>

    ]]></Body>

       <Validation><![CDATA[ValidateRoleList]]></Validation>

       <Initialization><![CDATA[setTimeout GetRef("InitializeRoleList"), 0]]></Initialization>

     </Pane>

    Thank you in advance,

    Tomasz Zajaczkowski

  2. Anonymous says:

    Hi Tomasz,

    The code example above is meant to exist as a standalone wizard with the file name being Roles.xml.  If you plan to add this to your existing wizard you will probably want to copy the  code from <pane>…</pane> into your xml file and the functions into your vbs file.

    As you can see from Michael’s example above, he was able to include the functions within the xml file by using this statement:

    <CustomStatement><![CDATA[ FUNCTIONS HERE ]]></CustomStatement>

    Hope this helps!

    P.S.  Thanks for the great example Michael, didn’t realize you could dynamically load vbs files in this manner.  

  3. Anonymous says:

    Hi,

    My mum alwyas said: read it twice, stupid!

    I was able to add custom statment and Role pane to DeployWiz_Definition. Unfortunately when tested from from both Windows XP (litetouch script) and wizard itslef Wizard ‘hangs’ on Roles seletion with Loading Role and error message:

    Line: 1

    Char: 1

    Error: Object required ‘oResult’

    Code: 0

    URL: file://\my_serverdeploymentshare$ScriptsWizard.hta

    Do you want to conitue running scripts on this page?

    I am able to open http://my_server/MDT/MDTdatabase.svc/RoleIdentity from WDS/IIS server wihtout any problem but it’s not accessible from Windows XP box.

    Thank you in advance,

    Tomasz

  4. Anders says:

    If you're running a refresh or a custom deployment from inside an operatingsystem which isn't the server that hosts the web service you'll run into a cross site scripting (XSS) issue which either prevents the web service from running or pops up a warning.

    You'll want to ensure that the site is in the local intranet zone and then you'll have to allow XSS for that zone. I do that by using two functions.

    Call AllowCrossDomainScripting before the actual web service call.

    Dim gXSS

    Function AllowCrossDomainScripting

    Dim oShell

    Dim iVal

    Dim strKey

    strKey = "HKCUSoftwareMicrosoftWindowsCurrentVersionInternet SettingsZones11406"

    Set oShell = CreateObject("WScript.Shell")

    On Error Resume Next

    iVal = oShell.RegRead(strKey)

    If Err = 0 Then

    gXSS = iVal

    End If

    oShell.RegWrite strKey, 0, "REG_DWORD"

    Set oShell = Nothing

    End Function

    Function ResetCrossDomainScripting

    Dim oShell

    Dim strKey

    strKey = "HKCUSoftwareMicrosoftWindowsCurrentVersionInternet SettingsZones11406"

    Set oShell = CreateObject("WScript.Shell")

    If IsEmpty(gXSS) Then

    oShell.RegDelete strKey

    Else

    oShell.RegWrite strKey, gXSS, "REG_DWORD"

    End If

    Set oShell = Nothing

    End Function

  5. JCP33 says:

    Another question:

    I'm doing a only rule role installation of Windows 2008 R2.

    I've just 2 screens: computername and role selection.

    I've got a error on drivers injection. After debugging i found that sTargetBuild was nothing (it must be 5 or 6)

    I had in LTIDriver.wsf if null then 6

    but i don't know why it doesn't init.

    when i tried by computer rule it works.

    Thanks for your help (if you have a idea)

    JCP

  6. JCP33 says:

    Are you sure about this:

    … "<input type=checkbox name=Roles id=Roles" …

    because it wasn't init Role properties like this

    I changed Roles by Role like this

    … "<input type=checkbox name=Role id=Role" …

    After this last change it works (but i'm not sure it's this change which make it works. To be sure i've to rebuild my MDT environment)

    Validate ?

    JCP

  7. randy says:

    this is very good but i am having minor issues. where i can see the roles but if i add application in the roles its not getting installed.

    Am i missing sth??? thx

  8. Uwe Thelenberg says:

    Nice, but have you an Update for MDT2012?

  9. showbox says:

    Thanks for the great info. I really loved this. I would like to apprentice at the same time as you amend your web site, how could i subscribe for a blog site?
    For more info on showbox please refer below sites:
    http://showboxandroids.com/showbox-apk/
    http://showboxappandroid.com/
    Latest version of Showbox App download for all android smart phones and tablets.
    http://movieboxappdownloads.com/ – It’s just 2 MB file you can easily get it on your android device without much trouble. Showbox app was well designed application for android to watch movies and TV shows, Cartoons and many more such things on your smartphone.
    For showbox on iOS (iPhone/iPad), please read below articles:
    http://showboxappk.com/showbox-for-ipad-download/
    http://showboxappk.com/showbox-for-iphone/
    Showbox for PC articles:
    http://showboxandroids.com/showbox-for-pc/
    http://showboxappandroid.com/showbox-for-pc-download/
    http://showboxforpcs.com/
    There are countless for PC clients as it is essentially easy to understand, simple to introduce, gives continuous administration, effectively reasonable. it is accessible at completely free of expense i.e., there will be no establishment charges and after establishment
    it doesn’t charge cash for watching films and recordings. Not simply watching, it likewise offers alternative to download recordings and motion pictures. The accompanying are the strides that are to be taken after to introduce Showbox application on Android.
    The above all else thing to be done is, go to the Security Settings on your Android telephone, Scroll down and tap on ‘Obscure sources’.

  10. aw says:

    hai, I just want to tell you that I am just very new to blogs and seriously loved this website. More than likely I’m planning to bookmark your blog post .
    You amazingly come with really good posts. Thanks a lot for sharing your blog Microsoft.

    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Aceh
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Bali
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Balikpapan
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Bandung
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Banjarmasin
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Banten
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Batam
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Bekasi
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Bengkulu
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Bogor
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Bontang
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Cianjur
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Cikarang
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Cilegon
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Cirebon
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Denpasar
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Jakarta
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Jambi
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Jember
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Karawang
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Kendal
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Kudus
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Kupang
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Lampung
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Madiun
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Makasar
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Malang
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Maluku
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Manado
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Medan
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20NTT
    http://www.lokerjobindo.com/search/label/Loker%20Daerah%20Padang

  11. Disintegrate says:

    Hello,

    I was able to get it running on MDT 2013 update 2. The only issue is that settings assigned to the specific role are not being applied.
    As far, as I can tell gather is running for a second time.
    The only change I’ve made was check boxes to radio buttons and call external VBS script to enable XSS and avoid the security prompt.
    When I click Finish (Roles are last pane in the wizard), I receive Error:424=Object Required, VBScript Code ValidateRoleList

    Thank you in advance,
    Kalin

Comments are closed.